From 457563850833cfb0369c5f425fc3c46530eb9264 Mon Sep 17 00:00:00 2001 
From: CPol Date: Mon, 30 Nov 2020 15:34:43 +0000 Subject: [PATCH] GitBook: [master] 403 pages and 64 assets modified --- .gitbook/assets/{a1.png => 1 (2).png} | Bin ...765732f6f72616e67655f696d672e706e67 (6) (1).png} | Bin ...765732f6f72616e67655f696d672e706e67 (6) (2).png} | Bin ...765732f6f72616e67655f696d672e706e67 (6) (3).png} | Bin ...765732f6f72616e67655f696d672e706e67 (6) (4).png} | Bin ...765732f6f72616e67655f696d672e706e67 (6) (5).png} | Bin ...765732f6f72616e67655f696d672e706e67 (6) (6).png} | Bin .../assets/{image (243).png => image (107) (1).png} | Bin .../assets/{image (90).png => image (107) (2).png} | Bin .../assets/{image (67).png => image (119) (1).png} | Bin .../assets/{image (152).png => image (121) (1).png} | Bin .../assets/{image (190).png => image (172) (1).png} | Bin .../assets/{image (260).png => image (201) (1).png} | Bin .../assets/{image (198).png => image (202) (1).png} | Bin .../assets/{image (253).png => image (207) (1).png} | Bin .../assets/{image (153).png => image (209) (1).png} | Bin .../assets/{image (270).png => image (215) (1).png} | Bin .../assets/{image (158).png => image (227) (1).png} | Bin .../assets/{image (335).png => image (247) (1).png} | Bin .../assets/{image (252).png => image (254) (1).png} | Bin .../assets/{image (331).png => image (307) (1).png} | Bin .../assets/{image (73).png => image (309) (1).png} | Bin .../assets/{image (95).png => image (312) (1).png} | Bin .../assets/{image (144).png => image (314) (1).png} | Bin .../assets/{image (343).png => image (345) (1).png} | Bin .../assets/{image (344).png => image (345) (2).png} | Bin .../assets/{image (365).png => image (367) (1).png} | Bin .../assets/{image (398).png => image (389) (1).png} | Bin .../assets/{image (25).png => image (5) (1).png} | Bin .../assets/{image (61).png => image (79) (1).png} | Bin .../assets/{intruder4.gif => intruder4 (1) (1).gif} | Bin .gitbook/assets/{poison.jpg => poison (1) (1).jpg} | Bin 1911-pentesting-fox.md | 2 +- README.md | 2 +- 
brute-force.md | 4 +++- ctf-write-ups/try-hack-me/pickle-rick.md | 2 +- exploiting/reversing.md | 2 +- linux-unix/linux-privilege-escalation-checklist.md | 2 +- .../avd-android-virtual-device.md | 2 +- .../drozer-tutorial/exploiting-content-providers.md | 4 ++-- mobile-apps-pentesting/android-checklist.md | 2 +- pentesting-methodology.md | 2 +- .../exploiting-__viewstate-parameter.md | 2 +- .../java-dns-deserialization-and-gadgetprobe.md | 2 +- .../nodejs-proto-prototype-pollution.md | 2 +- .../unicode-normalization-vulnerability.md | 2 +- pentesting/623-udp-ipmi.md | 2 +- ...nr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md | 4 ++-- .../pentesting-network/wifi-attacks/README.md | 2 +- pentesting/pentesting-web/drupal.md | 2 +- pentesting/pentesting-web/graphql.md | 2 +- pentesting/pentesting-web/wordpress.md | 2 +- windows/active-directory-methodology/README.md | 2 +- .../privileged-accounts-and-token-privileges.md | 2 +- windows/checklist-windows-privilege-escalation.md | 2 +- 55 files changed, 27 insertions(+), 25 deletions(-) rename .gitbook/assets/{a1.png => 1 (2).png} (100%) rename .gitbook/assets/{68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (1).png => 68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (1).png} (100%) rename .gitbook/assets/{68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (2).png => 68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (2).png} (100%) rename .gitbook/assets/{68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (3).png => 
68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (3).png} (100%) rename .gitbook/assets/{68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (4).png => 68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4).png} (100%) rename .gitbook/assets/{68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (5).png => 68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (5).png} (100%) rename .gitbook/assets/{68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67.png => 68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (6).png} (100%) rename .gitbook/assets/{image (243).png => image (107) (1).png} (100%) rename .gitbook/assets/{image (90).png => image (107) (2).png} (100%) rename .gitbook/assets/{image (67).png => image (119) (1).png} (100%) rename .gitbook/assets/{image (152).png => image (121) (1).png} (100%) rename .gitbook/assets/{image (190).png => image (172) (1).png} (100%) rename .gitbook/assets/{image (260).png => image (201) (1).png} (100%) rename .gitbook/assets/{image (198).png => image (202) (1).png} (100%) rename .gitbook/assets/{image (253).png => image (207) (1).png} (100%) rename .gitbook/assets/{image (153).png => image (209) (1).png} (100%) rename .gitbook/assets/{image (270).png => image (215) (1).png} (100%) rename .gitbook/assets/{image (158).png => image (227) (1).png} (100%) rename .gitbook/assets/{image (335).png => image (247) (1).png} (100%) rename 
.gitbook/assets/{image (252).png => image (254) (1).png} (100%) rename .gitbook/assets/{image (331).png => image (307) (1).png} (100%) rename .gitbook/assets/{image (73).png => image (309) (1).png} (100%) rename .gitbook/assets/{image (95).png => image (312) (1).png} (100%) rename .gitbook/assets/{image (144).png => image (314) (1).png} (100%) rename .gitbook/assets/{image (343).png => image (345) (1).png} (100%) rename .gitbook/assets/{image (344).png => image (345) (2).png} (100%) rename .gitbook/assets/{image (365).png => image (367) (1).png} (100%) rename .gitbook/assets/{image (398).png => image (389) (1).png} (100%) rename .gitbook/assets/{image (25).png => image (5) (1).png} (100%) rename .gitbook/assets/{image (61).png => image (79) (1).png} (100%) rename .gitbook/assets/{intruder4.gif => intruder4 (1) (1).gif} (100%) rename .gitbook/assets/{poison.jpg => poison (1) (1).jpg} (100%) diff --git a/.gitbook/assets/a1.png b/.gitbook/assets/1 (2).png similarity index 100% rename from .gitbook/assets/a1.png rename to .gitbook/assets/1 (2).png diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (1).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (1).png similarity index 100% rename from .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (1).png rename to .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (1).png 
diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (2).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (2).png
similarity index 100%
rename from .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (2).png
rename to .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (2).png
diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (3).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (3).png
similarity index 100%
rename from .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (3).png
rename to .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (3).png
diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (4).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4).png
similarity index 100%
rename from .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (4).png
rename to .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4).png
diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (5).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (5).png
similarity index 100%
rename from .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (5).png
rename to .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (5).png
diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67.png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (6).png
similarity index 100%
rename from .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67.png
rename to .gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (6).png
diff --git a/.gitbook/assets/image (243).png b/.gitbook/assets/image (107) (1).png
similarity index 100%
rename from .gitbook/assets/image (243).png
rename to .gitbook/assets/image (107) (1).png
diff --git a/.gitbook/assets/image (90).png b/.gitbook/assets/image (107) (2).png
similarity index 100%
rename from .gitbook/assets/image (90).png
rename to .gitbook/assets/image (107) (2).png
diff --git a/.gitbook/assets/image (67).png b/.gitbook/assets/image (119) (1).png
similarity index 100%
rename from .gitbook/assets/image (67).png
rename to .gitbook/assets/image (119) (1).png
diff --git a/.gitbook/assets/image (152).png b/.gitbook/assets/image (121) (1).png
similarity index 100%
rename from .gitbook/assets/image (152).png
rename to .gitbook/assets/image (121) (1).png
diff --git a/.gitbook/assets/image (190).png b/.gitbook/assets/image (172) (1).png
similarity index 100%
rename from .gitbook/assets/image (190).png
rename to .gitbook/assets/image (172) (1).png
diff --git a/.gitbook/assets/image (260).png b/.gitbook/assets/image (201) (1).png
similarity index 100%
rename from .gitbook/assets/image (260).png
rename to .gitbook/assets/image (201) (1).png
diff --git a/.gitbook/assets/image (198).png b/.gitbook/assets/image (202) (1).png
similarity index 100%
rename from .gitbook/assets/image (198).png
rename to .gitbook/assets/image (202) (1).png
diff --git a/.gitbook/assets/image (253).png b/.gitbook/assets/image (207) (1).png
similarity index 100%
rename from .gitbook/assets/image (253).png
rename to .gitbook/assets/image (207) (1).png
diff --git a/.gitbook/assets/image (153).png b/.gitbook/assets/image (209) (1).png
similarity index 100%
rename from .gitbook/assets/image (153).png
rename to .gitbook/assets/image (209) (1).png
diff --git a/.gitbook/assets/image (270).png b/.gitbook/assets/image (215) (1).png
similarity index 100%
rename from .gitbook/assets/image (270).png
rename to .gitbook/assets/image (215) (1).png
diff --git a/.gitbook/assets/image (158).png b/.gitbook/assets/image (227) (1).png
similarity index 100%
rename from .gitbook/assets/image (158).png
rename to .gitbook/assets/image (227) (1).png
diff --git a/.gitbook/assets/image (335).png b/.gitbook/assets/image (247) (1).png
similarity index 100%
rename from .gitbook/assets/image (335).png
rename to .gitbook/assets/image (247) (1).png
diff --git a/.gitbook/assets/image (252).png b/.gitbook/assets/image (254) (1).png
similarity index 100%
rename from .gitbook/assets/image (252).png
rename to .gitbook/assets/image (254) (1).png
diff --git a/.gitbook/assets/image (331).png b/.gitbook/assets/image (307) (1).png
similarity index 100%
rename from .gitbook/assets/image (331).png
rename to .gitbook/assets/image (307) (1).png
diff --git a/.gitbook/assets/image (73).png b/.gitbook/assets/image (309) (1).png
similarity index 100%
rename from .gitbook/assets/image (73).png
rename to .gitbook/assets/image (309) (1).png
diff --git a/.gitbook/assets/image (95).png b/.gitbook/assets/image (312) (1).png
similarity index 100%
rename from .gitbook/assets/image (95).png
rename to .gitbook/assets/image (312) (1).png
diff --git a/.gitbook/assets/image (144).png b/.gitbook/assets/image (314) (1).png similarity index 100% rename from .gitbook/assets/image (144).png rename to .gitbook/assets/image (314) (1).png diff --git a/.gitbook/assets/image (343).png b/.gitbook/assets/image (345) (1).png similarity index 100% rename from .gitbook/assets/image (343).png rename to .gitbook/assets/image (345) (1).png diff --git a/.gitbook/assets/image (344).png b/.gitbook/assets/image (345) (2).png similarity index 100% rename from .gitbook/assets/image (344).png rename to .gitbook/assets/image (345) (2).png diff --git a/.gitbook/assets/image (365).png b/.gitbook/assets/image (367) (1).png similarity index 100% rename from .gitbook/assets/image (365).png rename to .gitbook/assets/image (367) (1).png diff --git a/.gitbook/assets/image (398).png b/.gitbook/assets/image (389) (1).png similarity index 100% rename from .gitbook/assets/image (398).png rename to .gitbook/assets/image (389) (1).png diff --git a/.gitbook/assets/image (25).png b/.gitbook/assets/image (5) (1).png similarity index 100% rename from .gitbook/assets/image (25).png rename to .gitbook/assets/image (5) (1).png diff --git a/.gitbook/assets/image (61).png b/.gitbook/assets/image (79) (1).png similarity index 100% rename from .gitbook/assets/image (61).png rename to .gitbook/assets/image (79) (1).png diff --git a/.gitbook/assets/intruder4.gif b/.gitbook/assets/intruder4 (1) (1).gif similarity index 100% rename from .gitbook/assets/intruder4.gif rename to .gitbook/assets/intruder4 (1) (1).gif diff --git a/.gitbook/assets/poison.jpg b/.gitbook/assets/poison (1) (1).jpg similarity index 100% rename from .gitbook/assets/poison.jpg rename to .gitbook/assets/poison (1) (1).jpg diff --git a/1911-pentesting-fox.md b/1911-pentesting-fox.md index 7c4117898..44046fec8 100644 --- a/1911-pentesting-fox.md +++ b/1911-pentesting-fox.md 
@@ -10,7 +10,7 @@ dht udp "DHT Nodes" ![](.gitbook/assets/image%20%28182%29.png) -![](.gitbook/assets/image%20%28345%29.png) +![](.gitbook/assets/image%20%28345%29%20%282%29.png) InfluxDB diff --git a/README.md b/README.md index ea70a951a..36a17486c 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ Don't forget to **give ⭐ on the github** to motivate me to continue developing -![](.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29.png) +![](.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%286%29.png) [**Buy me a coffee here**](https://www.buymeacoffee.com/carlospolop)\*\*\*\* diff --git a/brute-force.md b/brute-force.md index 7528804f6..a05cf6d53 100644 --- a/brute-force.md +++ b/brute-force.md @@ -20,7 +20,7 @@ Find as much information about the target as you can and generate a custom dicti ### Crunch -```text +```bash crunch 4 6 0123456789ABCDEF -o crunch1.txt #From length 4 to 6 using that alphabet crunch 4 4 -f /usr/share/crunch/charset.lst mixalpha # Only length 4 using charset mixalpha (inside file charset.lst) @@ -112,6 +112,7 @@ medusa -u root -P 500-worst-passwords.txt -h -M ftp ```bash hydra -L /usr/share/brutex/wordlists/simple-users.txt -P /usr/share/brutex/wordlists/password.lst sizzle.htb.local http-get /certsrv/ +# Use https-get mode for httpS medusa -h -u -P -M http -m DIR:/path/to/auth -T 10 ``` @@ -119,6 +120,7 @@ medusa -h -u -P -M http -m DIR:/path/to/auth - ```bash hydra -L /usr/share/brutex/wordlists/simple-users.txt -P /usr/share/brutex/wordlists/password.lst domain.htb http-post-form "/path/index.php:name=^USER^&password=^PASS^&enter=Sign+in:Login name or password is incorrect" -V +# Use https-post-form mode for httpS ``` For http**s** you have to change from "http-post-form" to "**https-post-form"** 
diff --git a/ctf-write-ups/try-hack-me/pickle-rick.md b/ctf-write-ups/try-hack-me/pickle-rick.md index 91f82baf8..b611a9cae 100644 --- a/ctf-write-ups/try-hack-me/pickle-rick.md +++ b/ctf-write-ups/try-hack-me/pickle-rick.md @@ -8,7 +8,7 @@ This machine was categorised as easy and it was pretty easy. I started **enumerating the machine using my tool** [**Legion**](https://github.com/carlospolop/legion): -![](../../.gitbook/assets/image%20%2861%29.png) +![](../../.gitbook/assets/image%20%2879%29.png) In as you can see 2 ports are open: 80 \(**HTTP**\) and 22 \(**SSH**\) diff --git a/exploiting/reversing.md b/exploiting/reversing.md index ca1ae2ab0..6c62e8cb3 100644 --- a/exploiting/reversing.md +++ b/exploiting/reversing.md @@ -45,7 +45,7 @@ DebuggableAttribute.DebuggingModes.EnableEditAndContinue)] And click on **compile**: -![](../.gitbook/assets/image%20%28144%29.png) +![](../.gitbook/assets/image%20%28314%29.png) Then save the new file on _**File >> Save module...**_: diff --git a/linux-unix/linux-privilege-escalation-checklist.md b/linux-unix/linux-privilege-escalation-checklist.md index 1c56a6da6..72d8eced9 100644 --- a/linux-unix/linux-privilege-escalation-checklist.md +++ b/linux-unix/linux-privilege-escalation-checklist.md 
@@ -146,7 +146,7 @@ If you want to **know** about my **latest modifications**/**additions** or you h If you want to **share some tricks with the community** you can also submit **pull requests** to ****[**https://github.com/carlospolop/hacktricks**](https://github.com/carlospolop/hacktricks) ****that will be reflected in this book. Don't forget to **give ⭐ on the github** to motivate me to continue developing this book. -![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%284%29.png) +![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%284%29.png) ​[**Buy me a coffee here**](https://www.buymeacoffee.com/carlospolop)\*\*\*\* diff --git a/mobile-apps-pentesting/android-app-pentesting/avd-android-virtual-device.md b/mobile-apps-pentesting/android-app-pentesting/avd-android-virtual-device.md index 8f173ea71..590222a0c 100644 --- a/mobile-apps-pentesting/android-app-pentesting/avd-android-virtual-device.md +++ b/mobile-apps-pentesting/android-app-pentesting/avd-android-virtual-device.md @@ -198,7 +198,7 @@ However there are **a lot of different command line useful options** that you ca First of all you need to download the Der certificate from Burp. You can do this in _**Proxy**_ --> _**Options**_ --> _**Import / Export CA certificate**_ -![](../../.gitbook/assets/image%20%28367%29.png) +![](../../.gitbook/assets/image%20%28367%29%20%281%29.png) **Export the certificate in Der format** and lets **transform** it to a form that **Android** is going to be able to **understand.** Note that **in order to configure the burp certificate on the Android machine in AVD** you need to **run** this machine **with** the **`-writable-system`** option. For example you can run it like: 
diff --git a/mobile-apps-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md b/mobile-apps-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md index 41ea01677..9c3fbc4a0 100644 --- a/mobile-apps-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md +++ b/mobile-apps-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md @@ -59,7 +59,7 @@ content://com.mwr.example.sieve.DBContentProvider/Passwords/ You should also check the **ContentProvider code** to search for queries: -![](../../../.gitbook/assets/image%20%28152%29.png) +![](../../../.gitbook/assets/image%20%28121%29%20%281%29.png) Also, if you can't find full queries you could **check which names are declared by the ContentProvider** on the `onCreate` method: @@ -76,7 +76,7 @@ When checking the code of the Content Provider **look** also for **functions** n ![](../../../.gitbook/assets/image%20%28211%29.png) -![](../../../.gitbook/assets/image%20%28254%29.png) +![](../../../.gitbook/assets/image%20%28254%29%20%281%29.png) Because you will be able to call them diff --git a/mobile-apps-pentesting/android-checklist.md b/mobile-apps-pentesting/android-checklist.md index c6b87bf8b..f32fa8181 100644 --- a/mobile-apps-pentesting/android-checklist.md +++ b/mobile-apps-pentesting/android-checklist.md 
@@ -60,7 +60,7 @@ If you want to **know** about my **latest modifications**/**additions** or you h If you want to **share some tricks with the community** you can also submit **pull requests** to ****[**https://github.com/carlospolop/hacktricks**](https://github.com/carlospolop/hacktricks) ****that will be reflected in this book. Don't forget to **give ⭐ on the github** to motivate me to continue developing this book. -![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67.png) +![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29.png) ​[**Buy me a coffee here**](https://www.buymeacoffee.com/carlospolop)\*\*\*\* diff --git a/pentesting-methodology.md b/pentesting-methodology.md index cce502a47..9da609e8e 100644 --- a/pentesting-methodology.md +++ b/pentesting-methodology.md @@ -132,7 +132,7 @@ Check also the page about [**NTLM**](windows/ntlm/), it could be very useful to * [**CBC-MAC**](crypto/cipher-block-chaining-cbc-mac-priv.md) * [**Padding Oracle**](crypto/padding-oracle-priv.md) -![](.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%281%29.png) +![](.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%281%29.png) ​[**Buy me a coffee here**](https://www.buymeacoffee.com/carlospolop) diff --git a/pentesting-web/deserialization/exploiting-__viewstate-parameter.md b/pentesting-web/deserialization/exploiting-__viewstate-parameter.md index d38b16d38..98264d0e2 100644 --- a/pentesting-web/deserialization/exploiting-__viewstate-parameter.md +++ b/pentesting-web/deserialization/exploiting-__viewstate-parameter.md 
@@ -14,7 +14,7 @@ The following properties or combination of properties apply to ViewState informa ## **Test Cases** -![](../../.gitbook/assets/image%20%2873%29.png) +![](../../.gitbook/assets/image%20%28309%29.png) ### Test Case: 1 – EnableViewStateMac=false and viewStateEncryptionMode=false diff --git a/pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md b/pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md index 174c902a6..5d14871f9 100644 --- a/pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md +++ b/pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md @@ -149,7 +149,7 @@ You can download [**GadgetProbe**](https://github.com/BishopFox/GadgetProbe) fro Inside the github, [**GadgetProbe has some wordlists**](https://github.com/BishopFox/GadgetProbe/tree/master/wordlists) ****with Java classes for being tested. -![](../../.gitbook/assets/intruder4%20%281%29.gif) +![](../../.gitbook/assets/intruder4%20%281%29%20%281%29.gif) ### More Information diff --git a/pentesting-web/deserialization/nodejs-proto-prototype-pollution.md b/pentesting-web/deserialization/nodejs-proto-prototype-pollution.md index 18b3227db..6cb4981b1 100644 --- a/pentesting-web/deserialization/nodejs-proto-prototype-pollution.md +++ b/pentesting-web/deserialization/nodejs-proto-prototype-pollution.md @@ -4,7 +4,7 @@ First of all, we need to understand `Object`in JavaScript. An object is simply a collection of key and value pairs, often called properties of that object. For example: -![](../../.gitbook/assets/image%20%28398%29.png) +![](../../.gitbook/assets/image%20%28389%29%20%281%29.png) In Javascript, `Object`is a basic object, the template for all newly created objects. It is possible to create an empty object by passing `null`to `Object.create`. However, the newly created object will also have a type that corresponds to the passed parameter and inherits all the basic properties. 
diff --git a/pentesting-web/unicode-normalization-vulnerability.md b/pentesting-web/unicode-normalization-vulnerability.md index 2e1d1d4fe..ead3b02c4 100644 --- a/pentesting-web/unicode-normalization-vulnerability.md +++ b/pentesting-web/unicode-normalization-vulnerability.md @@ -72,7 +72,7 @@ Then, a malicious user could insert a different Unicode character equivalent to You could use one of the following characters to trick the webapp and exploit a XSS: -![](../.gitbook/assets/image%20%2895%29.png) +![](../.gitbook/assets/image%20%28312%29.png) Notice that for example the first Unicode character purposed can be sent as: `%e2%89%ae` or as `%u226e` diff --git a/pentesting/623-udp-ipmi.md b/pentesting/623-udp-ipmi.md index 7ff7c3ea7..b5a0d63c2 100644 --- a/pentesting/623-udp-ipmi.md +++ b/pentesting/623-udp-ipmi.md @@ -126,7 +126,7 @@ Once administrative access to the BMC is obtained, there are a number of methods ![](https://blog.rapid7.com/content/images/post-images/27966/ipmi_boot.png) -![](../.gitbook/assets/image%20%28198%29.png) +![](../.gitbook/assets/image%20%28202%29.png) ## Exploiting the BMC from the Host diff --git a/pentesting/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md b/pentesting/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md index 16cdd71cc..a77e2e352 100644 --- a/pentesting/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md +++ b/pentesting/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md 
@@ -45,7 +45,7 @@ responder -I --wpad Responder is going to **impersonate all the service using the mentioned protocols**. Once some user try to access a service being resolved using those protocols, **he will try to authenticate against Responde**r and Responder will be able to **capture** the "credentials" \(most probably a **NTLMv2 Challenge/Response**\): -![](../../.gitbook/assets/poison.jpg) +![](../../.gitbook/assets/poison%20%281%29.jpg) ## **Inveigh** @@ -77,7 +77,7 @@ If you want to use **MultiRelay**, go to _**/usr/share/responder/tools**_ and ex python MultiRelay.py -t -u ALL #If "ALL" then all users are relayed ``` -![](../../.gitbook/assets/image%20%28153%29.png) +![](../../.gitbook/assets/image%20%28209%29.png) ### Post-Exploitation \(MultiRelay\) diff --git a/pentesting/pentesting-network/wifi-attacks/README.md b/pentesting/pentesting-network/wifi-attacks/README.md index 8996fa956..a13b593da 100644 --- a/pentesting/pentesting-network/wifi-attacks/README.md +++ b/pentesting/pentesting-network/wifi-attacks/README.md @@ -241,7 +241,7 @@ Some really bad implementations allowed the Null PIN to connect \(very weird als All the proposed WPS attacks can be easily performed using _**airgeddon.**_ -![](../../../.gitbook/assets/image%20%28260%29.png) +![](../../../.gitbook/assets/image%20%28201%29%20%281%29.png) * 5 and 6 lets you try **your custom PIN** \(if you have any\) * 7 and 8 perform the **Pixie Dust attack** diff --git a/pentesting/pentesting-web/drupal.md b/pentesting/pentesting-web/drupal.md index c6e757a49..8297c3235 100644 --- a/pentesting/pentesting-web/drupal.md +++ b/pentesting/pentesting-web/drupal.md @@ -24,7 +24,7 @@ Accessing _/user/<number>_ you can see the number of existing users, in th ![](../../.gitbook/assets/image%20%2826%29.png) -![](../../.gitbook/assets/image%20%28158%29.png) +![](../../.gitbook/assets/image%20%28227%29.png) ## Hidden pages enumeration 
diff --git a/pentesting/pentesting-web/graphql.md b/pentesting/pentesting-web/graphql.md index f2f4e1bb3..2163fc59f 100644 --- a/pentesting/pentesting-web/graphql.md +++ b/pentesting/pentesting-web/graphql.md @@ -102,7 +102,7 @@ Below you can find the simplest demonstration of an application authentication r As we can see from the response screenshot, the first and the third requests returned _null_ and reflected the corresponding information in the _error_ section. The **second mutation had the correct authentication** data and the response has the correct authentication session token. -![](../../.gitbook/assets/image%20%2867%29.png) +![](../../.gitbook/assets/image%20%28119%29.png) ## Tools diff --git a/pentesting/pentesting-web/wordpress.md b/pentesting/pentesting-web/wordpress.md index dabbcd223..5c7b47b34 100644 --- a/pentesting/pentesting-web/wordpress.md +++ b/pentesting/pentesting-web/wordpress.md @@ -183,7 +183,7 @@ It is recommended to disable Wp-Cron and create a real cronjob inside the host t ``` -![](../../.gitbook/assets/image%20%2890%29.png) +![](../../.gitbook/assets/image%20%28107%29.png) ![](../../.gitbook/assets/image%20%28224%29.png) diff --git a/windows/active-directory-methodology/README.md b/windows/active-directory-methodology/README.md index 897c6cbcd..316d5d324 100644 --- a/windows/active-directory-methodology/README.md +++ b/windows/active-directory-methodology/README.md @@ -396,7 +396,7 @@ If you don't execute this from a Domain Controller, ATA is going to catch you, s -![](../../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%282%29.png) +![](../../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%282%29.png) ​[**Buy me a coffee here**](https://www.buymeacoffee.com/carlospolop)\*\*\*\* 
diff --git a/windows/active-directory-methodology/privileged-accounts-and-token-privileges.md b/windows/active-directory-methodology/privileged-accounts-and-token-privileges.md index 2a1a6f9b7..56b6b65b8 100644 --- a/windows/active-directory-methodology/privileged-accounts-and-token-privileges.md +++ b/windows/active-directory-methodology/privileged-accounts-and-token-privileges.md @@ -37,7 +37,7 @@ If you don't want to wait an hour you can use a PS script to make the restore ha Note the spotless' user membership: -![](../../.gitbook/assets/a1.png) +![](../../.gitbook/assets/1%20%282%29.png) However, we can still add new users: diff --git a/windows/checklist-windows-privilege-escalation.md b/windows/checklist-windows-privilege-escalation.md index f95da7d54..3deea92c3 100644 --- a/windows/checklist-windows-privilege-escalation.md +++ b/windows/checklist-windows-privilege-escalation.md @@ -118,7 +118,7 @@ If you want to **know** about my **latest modifications**/**additions** or you h If you want to **share some tricks with the community** you can also submit **pull requests** to ****[**https://github.com/carlospolop/hacktricks**](https://github.com/carlospolop/hacktricks) ****that will be reflected in this book. Don't forget to **give ⭐ on the github** to motivate me to continue developing this book. -![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%283%29.png) +![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%283%29.png) ​[**Buy me a coffee here**](https://www.buymeacoffee.com/carlospolop)\*\*\*\*